package com.sghj.config;

import com.sghj.config.realm.ShiroSessionListener;
import com.sghj.config.realm.myRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.MemorySessionDAO;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.*;

/**
 * @author xrx
 * @Date 2022/2/13
 * @apiNote
 */
@Configuration
public class ShiroConfig {
    //@Bean
    //public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager sm){
    //    final ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
    //
    //    shiroFilterFactoryBean.setSecurityManager(sm);

        ////设定登录地址，如果没登录则跳转到此地址
        //shiroFilterFactoryBean.setLoginUrl("");
        ////登录成功后跳转页面
        //shiroFilterFactoryBean.setSuccessUrl("");
        ////未验证跳转的地址
        //shiroFilterFactoryBean.setUnauthorizedUrl("");

        //自定义拦截器
        //Map<String, Filter> filters = new LinkedHashMap<>();
        //filters.put("aaa",new MyShiroFilter());
        //shiroFilterFactoryBean.setFilters(filters);

        //使用shiro自己的拦截器
        //Map<String, String> filterChainDefinitionMap = new HashMap<>();
        //filterChainDefinitionMap.put("/user/login","anon");      //anon 游客模式
        ////filterChainDefinitionMap.put("/menu/ctyy","anon");
        //filterChainDefinitionMap.put("/**","authc");            //认证模式
        //shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        //return shiroFilterFactoryBean;
    //}

    @Bean
    public Realm myRealm(CredentialsMatcher matcher){
        myRealm myRealm = new myRealm();
        //密码匹配规则
        myRealm.setCredentialsMatcher(matcher);
        return myRealm;
    }

    //流程控制
    @Bean
    public DefaultWebSecurityManager mySecurityManager(Realm myRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(myRealm);
        securityManager.setSessionManager(sessionManager());
        return securityManager;
    }

    // 请求过滤器
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager mySecurityManager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(mySecurityManager);

        //Map<String,String> filterMap = new HashMap<>();
        //表示登录才能 访问
        //filterMap.put("/menu/**","authc");
        //factoryBean.setFilterChainDefinitionMap(filterMap);
        return factoryBean;
    }

    //密码匹配规则
    @Bean
    public CredentialsMatcher matcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashIterations(1024);
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        return hashedCredentialsMatcher;
    }




    /**
     * 自动代理
     * @return
     */
    @Bean
    //@DependsOn("lifecycleBeanPostProcessor")
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setUsePrefix(true);
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    /**
     * 配置切面
     * @param sm
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor advisor(DefaultWebSecurityManager sm){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        //aop切面 拿到sm之后就知道realm的权限配置 就可以对访问的请求进行权限拦截
        authorizationAttributeSourceAdvisor.setSecurityManager(sm);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public SessionDAO sessionDAO() {
        MemorySessionDAO sessionDAO = new MemorySessionDAO();
        return sessionDAO;
    }

    @Bean
    public SessionManager sessionManager() {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        Collection<SessionListener> listeners = new ArrayList<SessionListener>();
        listeners.add(new ShiroSessionListener());
        sessionManager.setGlobalSessionTimeout(14400000L);
        sessionManager.setSessionListeners(listeners);
        sessionManager.setSessionDAO(sessionDAO());
        return sessionManager;
    }
    ///**
    // * 生命周期
    // * @return
    // */
    //@Bean(name = "lifecycleBeanPostProcessor")
    //public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
    //    return new LifecycleBeanPostProcessor();
    //}
    //@Bean(name = "sessionManager")
    //public DefaultWebSessionManager sessionManager() {
    //    DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
    //    // 设置session过期时间3600s
    //    sessionManager.setGlobalSessionTimeout(14400000L);
    //    return sessionManager;
    //}

}
